diff options
| author | Vivek Kumbhar <vkumbhar@mvista.com> | 2023-11-22 11:29:29 +0530 |
|---|---|---|
| committer | Steve Sakoman <steve@sakoman.com> | 2023-12-02 16:36:56 -1000 |
| commit | 24121f969931ce1192ef923013929d0719cf22e1 (patch) | |
| tree | 6524ee3a1322170174c1a30b348d1423d47276a6 | |
| parent | f8a7dbd8fb3b7e8d224f65d5ac27481b13b7db18 (diff) | |
| download | poky-24121f969931ce1192ef923013929d0719cf22e1.tar.gz | |
openssl: fix CVE-2023-5678 Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow
(From OE-Core rev: 6cd4c30a2811420159d72c2f0a9430f1f0294686)
Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
| -rw-r--r-- | meta/recipes-connectivity/openssl/openssl/CVE-2023-5678.patch | 180 | ||||
| -rw-r--r-- | meta/recipes-connectivity/openssl/openssl_3.0.12.bb | 1 |
2 files changed, 181 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2023-5678.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2023-5678.patch new file mode 100644 index 0000000000..796a4f8be9 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2023-5678.patch | |||
| @@ -0,0 +1,180 @@ | |||
| 1 | From db925ae2e65d0d925adef429afc37f75bd1c2017 Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Richard Levitte <levitte@openssl.org> | ||
| 3 | Date: Fri, 20 Oct 2023 09:18:19 +0200 | ||
| 4 | Subject: [PATCH] Make DH_check_pub_key() and DH_generate_key() safer yet | ||
| 5 | |||
| 6 | We already check for an excessively large P in DH_generate_key(), but not in | ||
| 7 | DH_check_pub_key(), and none of them check for an excessively large Q. | ||
| 8 | |||
| 9 | This change adds all the missing excessive size checks of P and Q. | ||
| 10 | |||
| 11 | It's to be noted that behaviours surrounding excessively sized P and Q | ||
| 12 | differ. DH_check() raises an error on the excessively sized P, but only | ||
| 13 | sets a flag for the excessively sized Q. This behaviour is mimicked in | ||
| 14 | DH_check_pub_key(). | ||
| 15 | |||
| 16 | Reviewed-by: Tomas Mraz <tomas@openssl.org> | ||
| 17 | Reviewed-by: Matt Caswell <matt@openssl.org> | ||
| 18 | Reviewed-by: Hugo Landau <hlandau@openssl.org> | ||
| 19 | (Merged from https://github.com/openssl/openssl/pull/22518) | ||
| 20 | |||
| 21 | (cherry picked from commit ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6) | ||
| 22 | |||
| 23 | Upstream-Status: Backport [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017] | ||
| 24 | CVE: CVE-2023-5678 | ||
| 25 | Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com> | ||
| 26 | --- | ||
| 27 | crypto/dh/dh_check.c | 12 ++++++++++++ | ||
| 28 | crypto/dh/dh_err.c | 3 ++- | ||
| 29 | crypto/dh/dh_key.c | 12 ++++++++++++ | ||
| 30 | crypto/err/openssl.txt | 1 + | ||
| 31 | include/crypto/dherr.h | 2 +- | ||
| 32 | include/openssl/dh.h | 6 +++--- | ||
| 33 | include/openssl/dherr.h | 3 ++- | ||
| 34 | 7 files changed, 33 insertions(+), 6 deletions(-) | ||
| 35 | |||
| 36 | diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c | ||
| 37 | index 7ba2bea..e20eb62 100644 | ||
| 38 | --- a/crypto/dh/dh_check.c | ||
| 39 | +++ b/crypto/dh/dh_check.c | ||
| 40 | @@ -249,6 +249,18 @@ int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key) | ||
| 41 | */ | ||
| 42 | int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret) | ||
| 43 | { | ||
| 44 | + /* Don't do any checks at all with an excessively large modulus */ | ||
| 45 | + if (BN_num_bits(dh->params.p) > OPENSSL_DH_CHECK_MAX_MODULUS_BITS) { | ||
| 46 | + ERR_raise(ERR_LIB_DH, DH_R_MODULUS_TOO_LARGE); | ||
| 47 | + *ret = DH_MODULUS_TOO_LARGE | DH_CHECK_PUBKEY_INVALID; | ||
| 48 | + return 0; | ||
| 49 | + } | ||
| 50 | + | ||
| 51 | + if (dh->params.q != NULL && BN_ucmp(dh->params.p, dh->params.q) < 0) { | ||
| 52 | + *ret |= DH_CHECK_INVALID_Q_VALUE | DH_CHECK_PUBKEY_INVALID; | ||
| 53 | + return 1; | ||
| 54 | + } | ||
| 55 | + | ||
| 56 | return ossl_ffc_validate_public_key(&dh->params, pub_key, ret); | ||
| 57 | } | ||
| 58 | |||
| 59 | diff --git a/crypto/dh/dh_err.c b/crypto/dh/dh_err.c | ||
| 60 | index 4152397..f76ac0d 100644 | ||
| 61 | --- a/crypto/dh/dh_err.c | ||
| 62 | +++ b/crypto/dh/dh_err.c | ||
| 63 | @@ -1,6 +1,6 @@ | ||
| 64 | /* | ||
| 65 | * Generated by util/mkerr.pl DO NOT EDIT | ||
| 66 | - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. | ||
| 67 | + * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. | ||
| 68 | * | ||
| 69 | * Licensed under the Apache License 2.0 (the "License"). You may not use | ||
| 70 | * this file except in compliance with the License. You can obtain a copy | ||
| 71 | @@ -54,6 +54,7 @@ static const ERR_STRING_DATA DH_str_reasons[] = { | ||
| 72 | {ERR_PACK(ERR_LIB_DH, 0, DH_R_PARAMETER_ENCODING_ERROR), | ||
| 73 | "parameter encoding error"}, | ||
| 74 | {ERR_PACK(ERR_LIB_DH, 0, DH_R_PEER_KEY_ERROR), "peer key error"}, | ||
| 75 | + {ERR_PACK(ERR_LIB_DH, 0, DH_R_Q_TOO_LARGE), "q too large"}, | ||
| 76 | {ERR_PACK(ERR_LIB_DH, 0, DH_R_SHARED_INFO_ERROR), "shared info error"}, | ||
| 77 | {ERR_PACK(ERR_LIB_DH, 0, DH_R_UNABLE_TO_CHECK_GENERATOR), | ||
| 78 | "unable to check generator"}, | ||
| 79 | diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c | ||
| 80 | index d84ea99..afc49f5 100644 | ||
| 81 | --- a/crypto/dh/dh_key.c | ||
| 82 | +++ b/crypto/dh/dh_key.c | ||
| 83 | @@ -49,6 +49,12 @@ int ossl_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) | ||
| 84 | goto err; | ||
| 85 | } | ||
| 86 | |||
| 87 | + if (dh->params.q != NULL | ||
| 88 | + && BN_num_bits(dh->params.q) > OPENSSL_DH_MAX_MODULUS_BITS) { | ||
| 89 | + ERR_raise(ERR_LIB_DH, DH_R_Q_TOO_LARGE); | ||
| 90 | + goto err; | ||
| 91 | + } | ||
| 92 | + | ||
| 93 | if (BN_num_bits(dh->params.p) < DH_MIN_MODULUS_BITS) { | ||
| 94 | ERR_raise(ERR_LIB_DH, DH_R_MODULUS_TOO_SMALL); | ||
| 95 | return 0; | ||
| 96 | @@ -267,6 +273,12 @@ static int generate_key(DH *dh) | ||
| 97 | return 0; | ||
| 98 | } | ||
| 99 | |||
| 100 | + if (dh->params.q != NULL | ||
| 101 | + && BN_num_bits(dh->params.q) > OPENSSL_DH_MAX_MODULUS_BITS) { | ||
| 102 | + ERR_raise(ERR_LIB_DH, DH_R_Q_TOO_LARGE); | ||
| 103 | + return 0; | ||
| 104 | + } | ||
| 105 | + | ||
| 106 | if (BN_num_bits(dh->params.p) < DH_MIN_MODULUS_BITS) { | ||
| 107 | ERR_raise(ERR_LIB_DH, DH_R_MODULUS_TOO_SMALL); | ||
| 108 | return 0; | ||
| 109 | diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt | ||
| 110 | index e51504b..36de321 100644 | ||
| 111 | --- a/crypto/err/openssl.txt | ||
| 112 | +++ b/crypto/err/openssl.txt | ||
| 113 | @@ -500,6 +500,7 @@ DH_R_NO_PARAMETERS_SET:107:no parameters set | ||
| 114 | DH_R_NO_PRIVATE_VALUE:100:no private value | ||
| 115 | DH_R_PARAMETER_ENCODING_ERROR:105:parameter encoding error | ||
| 116 | DH_R_PEER_KEY_ERROR:111:peer key error | ||
| 117 | +DH_R_Q_TOO_LARGE:130:q too large | ||
| 118 | DH_R_SHARED_INFO_ERROR:113:shared info error | ||
| 119 | DH_R_UNABLE_TO_CHECK_GENERATOR:121:unable to check generator | ||
| 120 | DSA_R_BAD_FFC_PARAMETERS:114:bad ffc parameters | ||
| 121 | diff --git a/include/crypto/dherr.h b/include/crypto/dherr.h | ||
| 122 | index bb24d13..519327f 100644 | ||
| 123 | --- a/include/crypto/dherr.h | ||
| 124 | +++ b/include/crypto/dherr.h | ||
| 125 | @@ -1,6 +1,6 @@ | ||
| 126 | /* | ||
| 127 | * Generated by util/mkerr.pl DO NOT EDIT | ||
| 128 | - * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. | ||
| 129 | + * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved. | ||
| 130 | * | ||
| 131 | * Licensed under the Apache License 2.0 (the "License"). You may not use | ||
| 132 | * this file except in compliance with the License. You can obtain a copy | ||
| 133 | diff --git a/include/openssl/dh.h b/include/openssl/dh.h | ||
| 134 | index 6533260..50e0cf5 100644 | ||
| 135 | --- a/include/openssl/dh.h | ||
| 136 | +++ b/include/openssl/dh.h | ||
| 137 | @@ -141,7 +141,7 @@ DECLARE_ASN1_ITEM(DHparams) | ||
| 138 | # define DH_GENERATOR_3 3 | ||
| 139 | # define DH_GENERATOR_5 5 | ||
| 140 | |||
| 141 | -/* DH_check error codes */ | ||
| 142 | +/* DH_check error codes, some of them shared with DH_check_pub_key */ | ||
| 143 | /* | ||
| 144 | * NB: These values must align with the equivalently named macros in | ||
| 145 | * internal/ffc.h. | ||
| 146 | @@ -151,10 +151,10 @@ DECLARE_ASN1_ITEM(DHparams) | ||
| 147 | # define DH_UNABLE_TO_CHECK_GENERATOR 0x04 | ||
| 148 | # define DH_NOT_SUITABLE_GENERATOR 0x08 | ||
| 149 | # define DH_CHECK_Q_NOT_PRIME 0x10 | ||
| 150 | -# define DH_CHECK_INVALID_Q_VALUE 0x20 | ||
| 151 | +# define DH_CHECK_INVALID_Q_VALUE 0x20 /* +DH_check_pub_key */ | ||
| 152 | # define DH_CHECK_INVALID_J_VALUE 0x40 | ||
| 153 | # define DH_MODULUS_TOO_SMALL 0x80 | ||
| 154 | -# define DH_MODULUS_TOO_LARGE 0x100 | ||
| 155 | +# define DH_MODULUS_TOO_LARGE 0x100 /* +DH_check_pub_key */ | ||
| 156 | |||
| 157 | /* DH_check_pub_key error codes */ | ||
| 158 | # define DH_CHECK_PUBKEY_TOO_SMALL 0x01 | ||
| 159 | diff --git a/include/openssl/dherr.h b/include/openssl/dherr.h | ||
| 160 | index 5d2a762..074a701 100644 | ||
| 161 | --- a/include/openssl/dherr.h | ||
| 162 | +++ b/include/openssl/dherr.h | ||
| 163 | @@ -1,6 +1,6 @@ | ||
| 164 | /* | ||
| 165 | * Generated by util/mkerr.pl DO NOT EDIT | ||
| 166 | - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. | ||
| 167 | + * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. | ||
| 168 | * | ||
| 169 | * Licensed under the Apache License 2.0 (the "License"). You may not use | ||
| 170 | * this file except in compliance with the License. You can obtain a copy | ||
| 171 | @@ -50,6 +50,7 @@ | ||
| 172 | # define DH_R_NO_PRIVATE_VALUE 100 | ||
| 173 | # define DH_R_PARAMETER_ENCODING_ERROR 105 | ||
| 174 | # define DH_R_PEER_KEY_ERROR 111 | ||
| 175 | +# define DH_R_Q_TOO_LARGE 130 | ||
| 176 | # define DH_R_SHARED_INFO_ERROR 113 | ||
| 177 | # define DH_R_UNABLE_TO_CHECK_GENERATOR 121 | ||
| 178 | |||
| 179 | -- | ||
| 180 | 2.40.1 | ||
diff --git a/meta/recipes-connectivity/openssl/openssl_3.0.12.bb b/meta/recipes-connectivity/openssl/openssl_3.0.12.bb index d8c9b073a2..395cace2ec 100644 --- a/meta/recipes-connectivity/openssl/openssl_3.0.12.bb +++ b/meta/recipes-connectivity/openssl/openssl_3.0.12.bb | |||
| @@ -12,6 +12,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ | |||
| 12 | file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ | 12 | file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ |
| 13 | file://afalg.patch \ | 13 | file://afalg.patch \ |
| 14 | file://0001-Configure-do-not-tweak-mips-cflags.patch \ | 14 | file://0001-Configure-do-not-tweak-mips-cflags.patch \ |
| 15 | file://CVE-2023-5678.patch \ | ||
| 15 | " | 16 | " |
| 16 | 17 | ||
| 17 | SRC_URI:append:class-nativesdk = " \ | 18 | SRC_URI:append:class-nativesdk = " \ |
